EU age‑verification app hacked with little to no effort in public demo

What happened?

It has been reported that a public demo of an EU age‑verification app was bypassed with surprisingly little effort. A Reddit post and an accompanying video allegedly show a demonstrator — reportedly a security researcher — sidestepping the system during a live presentation, turning what was meant to be a proof‑of‑concept for safety into a very public embarrassment.

The hole

The demonstration, according to the posts, didn’t require exotic hardware or months of reverse engineering. Simple, low‑bar techniques were enough to defeat the checks onstage. If true, that’s a big red flag. Security demos are supposed to expose edge cases — not blow the door off in front of an audience.

Why it matters

EU regulators have been pressing for robust age checks online, citing child safety and content controls. But an insecure verification mechanism isn’t just a technical failure; it’s a policy problem. Roll out a broken system at scale and you risk undermining user trust, creating privacy nightmares, and giving bad actors an easy way around protections. Ask yourself: if a public demo can be bypassed, what hope is there for millions of users?

Next steps

So far, no authoritative statement from EU bodies or the app’s developer has been widely reported — and independent audits and fixes are exactly what’s needed. This episode is a reminder: security is hard, and performative demos don’t cut it. Patch the code, invite scrutiny, and then show us it actually works. Otherwise, expect regulators and the public to be unforgiving.

Sources: reddit